Is your members’ credit card information secure?
Posted on : 10-19-2009 | By : Shannon Otto | In : resources
Tags: association management, association management software, MemberClicks, membership management software, payment processing, pci compliance
Imagine this: You get a call from your credit card company to confirm some unusual activity on your card. But you haven’t gone on any major shopping sprees lately, and you’re certainly not out of the country.
You’ve just been a victim of credit card theft, and now some phantom thief has put his face to your name and is racking up charges.
Credit card theft is not as uncommon as you might think. In 2008 alone, 10 million people were affected (which is a 22 percent increase from 2007).* At least two people close to me have experienced identity theft in the past few years, and I would be surprised if you don’t know someone who has also been affected.
But maybe it’s not your credit card that was compromised. Maybe, as an association staff member, it’s your members whose identities are at risk. Now what? You or your member(s) will spend an average of 600 hours each recovering from the crime. It can take years to fully recover all damages from identity theft.**
What’s one easy way to take action to protect you — and your members — from credit card fraud?
Choose PCI Compliant vendors.
MemberClicks is proud to be a PCI Compliant vendor for all our payment processing services. But no matter which association management software you use, it’s crucial to choose one that has taken the most precautions to protect your and your members’ information.
In order to be certified as PCI Compliant, a vendor that handles credit card transactions must meet six requirements:
- Build and maintain a secure network
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Maintain an information security policy
As of Oct. 13, the Identity Theft Resource Center reports 403 data breaches this year. Credit card theft doesn’t just occur if someone steals your card. Anytime you enter your credit card number online, you’re at risk — especially if the vendor you’re working with is not PCI Compliant.
Some background on PCI Compliance…
The Payment Card Industry Security Standards Council was founded in 2006 by the five major credit card companies: American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Its mission is to enhance payment account data security and it promotes the security standards set in place by each company. Basically, the security standards call for all companies to process, store and transmit credit card information in a secure environment.
If your vendor isn’t PCI Compliant, your organization won’t be either. And if your organization is not compliant, you could face fines from the credit card companies or even the suspension of your ability to accept credit card payments.
PCI isn’t technically a law. It’s a set of security standards that the five major credit card companies want businesses and vendors to meet in order to keep their customers’ data secure. However, some states already have laws in place that force components of the security standards to be met.
Here’s a great set of frequently asked questions about PCI Compliance. No matter which vendors you work with, be sure to take PCI Compliance into account when choosing one that will handle your and your members’ credit card information.
* Source: Javelin Strategy and Research Center
** Source: Identity Theft Resource Center